# Copyright (c) 2014-2026 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: santa stealer

# Reference: https://x.com/solostalking/status/2000789219300794612
# Reference: https://x.com/volrant136/status/2001352399458652194
# Reference: https://www.rapid7.com/blog/post/tr-santastealer-is-coming-to-town-a-new-ambitious-infostealer-advertised-on-underground-forums/
# Reference: https://www.virustotal.com/gui/file/0137e78cb20494b575089f0429ba0d101a86a64be48ef59e8720b2a19fc6a0d0/detection
# Reference: https://www.virustotal.com/gui/file/0f41e0bcf56804e9e6d8fb99c858de119594f9d96c2eac5e4c2701b1ba20e548/detection
# Reference: https://www.virustotal.com/gui/file/1a063d0f7ee5f3162f834b8a484f6249ad11165ed5892f451aec9c64038df597/detection
# Reference: https://www.virustotal.com/gui/file/26c3abc8bf32ff0f548adfa3c5fdf430c9bf061865512b83c4559553e668766c/detection
# TITLE-HOP/IP=SantaStealer | PANEL

http://31.57.38.244
http://80.76.49.228
31.57.38.119:6767
31.57.38.244:6767
80.76.49.114:6767
80.76.49.228:6767
stealer.su
asgqt215af.anondns.net
fash2fa.kozow.com
neomagic.kei.pl

# Reference: https://x.com/smica83/status/2026611259701948689
# Reference: https://www.virustotal.com/gui/file/f65b4f2c1eb104b54eecf17d0d838c8e7409844e2424fc93ddd6b5ea9ac7cdcd/detection
# Reference: https://www.virustotal.com/gui/file/ce10e9341a83d1e651b87af013e2a948b5e1abe98f27ffc83490271bd8851fde/detection
# BANNER_0_HASH-HOST=4a786e6d861dc2540ae5e2f3695c06b1
# BANNER_0_HASH-HOST=8551da9b3947592501a7ef4dd943c84d

angry-toaster.com
apps-measurement.com
dusty-comet-jazz.com
hungry-pixel.com
kernel-compass.com
laughing-octo.info
velvet-parrot.com
